Sebastian Lekies is a Senior Software Engineer at Google and a PhD student at the Ruhr-University Bochum. His research interests include client-side Web application security and Web application security scanning. At Google, Sebastian is the tech lead of the Web application security scanning team, which develops Google's internal Web security scanner. Before joining Google, Sebastian was part of SAP's Security Research team, where he conducted academic research in the area of client-side Web application security. Sebastian regularly speaks at academic and non-academic security conferences such as BlackHat US/EU/Asia, DeepSec, OWASP AppSec EU, Usenix Security, CCS, and many more.
Don't Trust the DOM: Bypassing XSS Mitigations via Script Gadgets